We have a need to change the network password requirements from 8 to 10 character minimum.
Whilst we can just change the GPO and users will have to change their password, my concern is for service accounts.
Is it possible to search AD (possibly with Powershell?) in order to interrogate all user accounts in a given OU and provide a list of all accounts with a password 9 characters or shorter?
We have an encrypted password storage system but it is so awful it is not searchable to give us this information.
Alternatively, does password requirements only come into effect when a password is expired/has to be changed? If an account is set to have the password never expire would that not be affected by the change in requirements?